summaryrefslogtreecommitdiffstats
path: root/external/libtiff/0001-ofz-54685-Timeout.patch
diff options
context:
space:
mode:
Diffstat (limited to 'external/libtiff/0001-ofz-54685-Timeout.patch')
-rw-r--r--external/libtiff/0001-ofz-54685-Timeout.patch59
1 files changed, 59 insertions, 0 deletions
diff --git a/external/libtiff/0001-ofz-54685-Timeout.patch b/external/libtiff/0001-ofz-54685-Timeout.patch
new file mode 100644
index 0000000000..e09b9679f0
--- /dev/null
+++ b/external/libtiff/0001-ofz-54685-Timeout.patch
@@ -0,0 +1,59 @@
+From caab95ab518aafbc985974098ad806f769c462ea Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
+Date: Fri, 20 Jan 2023 10:41:34 +0000
+Subject: [PATCH] ofz#54685 Timeout
+
+---
+ libtiff/tif_ojpeg.c | 29 +++++++++++++++++++++++++++++
+ 1 file changed, 29 insertions(+)
+
+diff --git a/libtiff/tif_ojpeg.c b/libtiff/tif_ojpeg.c
+index 0c915de2..27b84611 100644
+--- a/libtiff/tif_ojpeg.c
++++ b/libtiff/tif_ojpeg.c
+@@ -1312,6 +1312,34 @@ static int OJPEGReadSecondarySos(TIFF *tif, uint16_t s)
+ return (1);
+ }
+
++// see also vcl/source/filter/jpeg/jpegc.cxx
++static void emitMessage(j_common_ptr cinfo, int msg_level)
++{
++ if (msg_level < 0)
++ {
++ // https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf
++ // try to retain some degree of recoverability up to some reasonable
++ // limit (initially using ImageMagick's current limit of 1000), then
++ // bail.
++ const int WarningLimit = 1000;
++#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
++ // ofz#50452 due to Timeouts, just abandon fuzzing on any
++ // JWRN_NOT_SEQUENTIAL
++ if (cinfo->err->msg_code == JWRN_NOT_SEQUENTIAL)
++ {
++ cinfo->err->error_exit(cinfo);
++ return;
++ }
++#endif
++ if (++cinfo->err->num_warnings > WarningLimit)
++ cinfo->err->error_exit(cinfo);
++ else
++ cinfo->err->output_message(cinfo);
++ }
++ else if (cinfo->err->trace_level >= msg_level)
++ cinfo->err->output_message(cinfo);
++}
++
+ static int OJPEGWriteHeaderInfo(TIFF *tif)
+ {
+ static const char module[] = "OJPEGWriteHeaderInfo";
+@@ -1327,6 +1355,7 @@ static int OJPEGWriteHeaderInfo(TIFF *tif)
+ sp->libjpeg_jpeg_error_mgr.output_message =
+ OJPEGLibjpegJpegErrorMgrOutputMessage;
+ sp->libjpeg_jpeg_error_mgr.error_exit = OJPEGLibjpegJpegErrorMgrErrorExit;
++ sp->libjpeg_jpeg_error_mgr.emit_message = emitMessage;
+ sp->libjpeg_jpeg_decompress_struct.err = &(sp->libjpeg_jpeg_error_mgr);
+ sp->libjpeg_jpeg_decompress_struct.client_data = (void *)tif;
+ if (jpeg_create_decompress_encap(
+--
+2.39.0
+